D-TRUST-Root PKI Certification Practice Statement
D-TRUST-Root PKI Certification Practice Statement
D-TRUST-Root PKI Certification Practice Statement
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
D-<strong>TRUST</strong>-<strong>Root</strong>-<strong>PKI</strong> <strong>Certification</strong> <strong>Practice</strong> <strong>Statement</strong><br />
4. Operating requirements<br />
4.1 Certificate Application and Registration<br />
4.1.1 Application Eligibility<br />
These provisions are specified in the Certificate Policy [CP].<br />
4.1.2 Registration-process and Administrative Responsibility<br />
Class 3-2<br />
During the registration-process the applicants are made aware of the CP, the CPS and a<br />
subscriber agreement, which they must commit to observe. The documents will be<br />
published. The formal obligation follows the [ETSI-F] regulations. The application<br />
also contains the applicant’s declaration of consent stating his decision on publishing<br />
the resulting certificates. The documents are stored on paper or electronically.<br />
Class 3 EV-Certificates<br />
The declaration of consent is consistent with “Subscriber Agreement”, section<br />
9.3 [GL-BRO].<br />
4.2 Processing the Certificate Application<br />
4.2.1 Identification and Authentication<br />
The described procedures for identification and registration must be fully implemented in<br />
accordance with the provisions for the different class-categories; the necessary<br />
documents of proof must be impeccable.<br />
The CSP defines the following methods of identification and authentication:<br />
Pers-Ident<br />
An individual must personally identify himself to an RA, an official partner or an<br />
external provider that fulfills the requirements of the [CP] with his official ID (ID-card,<br />
passport or documents with equal standing) and be authenticated in turn. A valid ID-card<br />
or passport is deemed an acceptable identification document for individuals from the<br />
European Union or from states belonging to the Schengen-Agreement. Other documents<br />
with comparable status may be submitted instead. No copies of the identification<br />
documents are made or stored at the RA or CSP.<br />
Dok-Ident<br />
The pertinent contents are compared through copies (paper copies or digitalized, i.e.<br />
scanned documents or faxes) with the application data. Random samples are verified<br />
through telephone calls (compare out-of-band-mechanisms). Acceptable documents are<br />
those listed in the section Pers-Ident as well as commercial register (or comparable)<br />
excerpts no older than six months, PhD documents, documents of a postdoctoral lecture<br />
qualification, certificates of appointment, or comparable documents. Copies of the<br />
identification documents are kept either as hard-copies or in digital form.<br />
Page 21 of 53